CVE-2026-9567

A security flaw has been discovered in GPAC up to 2.4.0. Affected is the function MergeFragment of the file src/isomedia/isomintern.c of the component MP4Box. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit has been released to the publ...

EUVD-2026-31945

A security flaw has been discovered in GPAC up to 2.4.0. Affected is the function MergeFragment of the file src/isomedia/isomintern.c of the component MP4Box. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit has been released to the publ...

GPAC 安全漏洞

GPAC is an open-source multimedia framework developed by GPAC. Versions of GPAC prior to 2.4.0 have security vulnerabilities. These vulnerabilities stem from improper handling of the cat parameter in the MediaGetSample function within the MP4Box component, which can lead to memory leaks...

Astra Linux - уязвимость в gpac

A vulnerability has been discovered in GPAC 2.5-DEV-rev228-g11067ea92-master. This vulnerability affects the xmtnodeend function in the src/scenemanager/loaderxmt.c file of the MP4Box component. The vulnerability allows for data to be accessed after it has been freed from memory, requiring local...

CVE-2026-7135

A security flaw has been discovered in GPAC up to 26.03-DEV-rev105-g8f39a1eb3-master. Affected by this vulnerability is the function elngboxread of the file src/isomedia/boxcodebase.c of the component MP4Box. Performing a manipulation of the argument elng results in out-of-bounds read. The attack...

PT-2026-25559

A vulnerability was found in GPAC up to 2.5-DEV-rev2167-gcc9d617c0-master. This vulnerability affects the function swf def bits jpeg of the file src/scene manager/swf parse.c of the component MP4Box. The manipulation of the argument szName results in stack-based buffer overflow. It is possible to...

CVE-2024-6061

A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this vulnerability is the function isoffinprocess of the file src/filters/isoffinread.c of the component MP4Box. The manipulation leads to infinite loop. It is possible to launch the...

CVE-2024-6062

A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this issue is the function swfsvgaddisosample of the file src/filters/loadtext.c of the component MP4Box. The manipulation leads to null pointer dereference. The attack needs to be...

CVE-2024-6064

A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been declared as problematic. This vulnerability affects the function xmtnodeend of the file src/scenemanager/loaderxmt.c of the component MP4Box. The manipulation leads to use after free. Local access is required to...

UBUNTU-CVE-2024-50664

gpac 2.4 contains a heap-buffer-overflow at isomedia/sampledescs.c:1799 in gfisomnewmphadescription in gpac/MP4Box...

NULL Pointer Dereference

libgpac.so is vulnerable to NULL Pointer Dereference. The vulnerability is due to improper memory management within the swfsvgaddisosample function in src/filters/loadtext.c of the component MP4Box...

DEBIAN-CVE-2024-6061

A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this vulnerability is the function isoffinprocess of the file src/filters/isoffinread.c of the component MP4Box. The manipulation leads to infinite loop. It is possible to launch the...

CVE-2024-6062

A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this issue is the function swfsvgaddisosample of the file src/filters/loadtext.c of the component MP4Box. The manipulation leads to null pointer dereference. The attack needs to be...

PT-2024-37355 · Gpac +1 · Gpac +1

Name of the Vulnerable Software and Affected Versions: GPAC version 2.5-DEV-rev228-g11067ea92-master Description: A problematic issue has been found, affecting the isoffin process function of the src/filters/isoffin read.c file in the MP4Box component. This issue leads to an infinite loop. The...

UBUNTU-CVE-2023-46931

GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in ffdmxparsesidedata /afltest/gpac/src/filters/ffdmx.c:202:14 in gpac/MP4Box...

PT-2021-6519 · Gpac · Gpac

Name of the Vulnerable Software and Affected Versions: GPAC version 1.0.1 Description: The issue is related to a memory leak in the infe box read function of the MP4Box component in the GPAC multimedia platform. This allows attackers to read memory via a crafted file, potentially giving them acce...